package com.bank.controller;
 
 
import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.RememberMeServices;
import org.springframework.security.web.context.SecurityContextRepository;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;

import com.bank.domain.Customer;
import com.bank.service.CustomerService;
 
/**
 * Handles and retrieves the login or denied page depending on the URI template
 */
@Controller
@RequestMapping("/auth")
public class LoginLogoutController {
	@Autowired
	@Qualifier("authenticationManager")
	AuthenticationManager authenticationManager;
	@Autowired
	SecurityContextRepository repository;
	
	@Autowired
	RememberMeServices rememberMeServices;	
 protected static Logger logger = Logger.getLogger("controller");
 @RequestMapping(value = "/login", method = RequestMethod.GET)
 public String getLoginPage(@RequestParam(value="error", required=false) boolean error, Model model) {
	 if (error == true) {
		 model.addAttribute("error", "You have entered an invalid username or password!");
	 } 
	 else {
	  model.addAttribute("error", "");
	 }

  	return "auth/login";
 }
  

 @RequestMapping(value = "/denied", method = RequestMethod.GET)
  public String getDeniedPage(RedirectAttributes redirectAttrs, Model model) {
	  logger.debug("Received request to show denied page");
		return "auth/deniedpage";
 }
 
 @RequestMapping(value = "/api/b2b/authorize", method = RequestMethod.GET)
 public String B2BAuth(@RequestParam(value = "username", required=true) String username, @RequestParam(value = "password", required=true) String password, HttpServletRequest request, HttpServletResponse response){
		UsernamePasswordAuthenticationToken token = 
				new UsernamePasswordAuthenticationToken(username, password);
			try {
				Authentication auth = authenticationManager.authenticate(token);
				SecurityContextHolder.getContext().setAuthentication(auth);
				repository.saveContext(SecurityContextHolder.getContext(), request, response);
				rememberMeServices.loginSuccess(request, response, auth);
				return "api/b2b/b2bAuthSuccess";
			} catch (BadCredentialsException ex) {
				return "api/b2b/b2bAuthFailed";
			}
 }

 @RequestMapping(value = "/api/b2b/authorize/logout", method = RequestMethod.GET)
 public String B2BLogout(HttpServletRequest request, HttpServletResponse response){
			try {
				SecurityContextHolder.getContext().setAuthentication(null);
				return "api/b2b/b2bAuthSuccess";
			} catch (BadCredentialsException ex) {
				return "api/b2b/b2bAuthFailed";
			}
 } 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
}